none
Implementing electronic signature in .net RRS feed

  • Question

  • Hi All,

    As I got new requirement to develop electronic signature that shows user's acceptence. I need to develop this using asp.net. And Iam unable to find in google.


    So please can anyone help me in regard this.

    Thanks in Advance,
    Eshwar M.K.
    09731060160
    • Moved by Hengzhe Li Tuesday, June 21, 2011 12:24 PM Forum Consolidate (From:Microsoft Security Development Lifecycle (SDL) - Threat Modeling)
    Monday, November 10, 2008 1:03 PM

Answers

  • How do you expect to prove the identity of the user? If you have a way to assure the identity of the user, you could simply require an actual event (even as little as a checkbox) to cause the binding of the transaction. Of course, you could go as complex as using a PKI and having them digitally sign the transaction with a client certificate. Heck, you can do this with Rights Management Services if you really want to.

    However, you are putting the cart before the horse. Before fretting about the technology you want to use, you have to really model out what you want to accomplish, what roles and access is required to do it, and how you will complete the transaction. Do you have a rudamentary data flow diagram, showing where your user data is coming from, how you expect the communications to work, and where your trust boundaries exist?

    If we could understand your existing infrastructure, bound with a clear understanding of how the data will flow, we can help a bit more.

    And the good thing is, you will need the DFD for the threat modeling anyways :-)


    Dana Epp
    Microsoft Security MVP

    Thursday, November 13, 2008 9:27 PM

All replies

  • You'll need to say a bit more about your requirements. Is your client going to enter data on a web page after receiving a package for instance?
    Tuesday, November 11, 2008 6:37 PM
  • Hi,

    As per my requirement, when the user reads the pdf documents like rules and regulations and he has put the signature on the document ---- means he will click on the Click Sign button, it looks like.....



    Employee's Signature    
                
    here Right Mark should be there         Digitally Signed By WESLY JOHN PORTER on 13/11/2008


    I need to generate a unic id for each user and this is need to develop in ASP.NET 2.0.

    Thanks in Advance,
    Eshwar M.K.
    09731060160

      
    Thursday, November 13, 2008 6:16 PM
  • How do you expect to prove the identity of the user? If you have a way to assure the identity of the user, you could simply require an actual event (even as little as a checkbox) to cause the binding of the transaction. Of course, you could go as complex as using a PKI and having them digitally sign the transaction with a client certificate. Heck, you can do this with Rights Management Services if you really want to.

    However, you are putting the cart before the horse. Before fretting about the technology you want to use, you have to really model out what you want to accomplish, what roles and access is required to do it, and how you will complete the transaction. Do you have a rudamentary data flow diagram, showing where your user data is coming from, how you expect the communications to work, and where your trust boundaries exist?

    If we could understand your existing infrastructure, bound with a clear understanding of how the data will flow, we can help a bit more.

    And the good thing is, you will need the DFD for the threat modeling anyways :-)


    Dana Epp
    Microsoft Security MVP

    Thursday, November 13, 2008 9:27 PM
  • I got the similar requirement. Can you please tell me how did you design your system? I am more concerned about Electronic Signature/Digital Signature. I am thinking of using Email address to identify user. Please share your experience.

    Thank you


    Friday, October 4, 2013 9:07 PM